package com.newbe.security.config;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

/**
 * @Auther: Newbe
 * @Date: 2020/3/27 15:36
 * @Description: SecurityConfig 配置类
 * @EnableWebSecurity ：1.开启加载了WebSecurityConfiguration配置类, 配置安全认证策略。
 *                       2: 加载了AuthenticationConfiguration, 配置了认证信息。
 *                       3.不需要加上@Configuration ,内部已经有@Configuration
 */
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    //配置认证信息和权限
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth
                .inMemoryAuthentication()  //内存认证方法
                .passwordEncoder(new BCryptPasswordEncoder()) //加密
                .withUser("newbe")               //设置用户名
                .password(new BCryptPasswordEncoder().encode("123456"))//对密码加密
                .roles("ADMIN");//设置角色

    }
    //配置Http拦截资源
    @Override
    protected void configure(HttpSecurity http) throws Exception {

        http.authorizeRequests().antMatchers("/**").fullyAuthenticated()
                .and().httpBasic();
        //http.authorizeRequests()方法有很多子方法，每个子匹配器将会按照声明的顺序起作用
        //antMatchers()对什么样的请求可以放过，什么样的请求需要验证
        //.fullyAuthenticated() 用户认证后完成可访问
        //and()将方法链接在一起的一种方式
        //httpBasic()认证模式

    }
    //配置拦截资源过滤器
    @Override
    public void configure(WebSecurity web) throws Exception {
    super.configure(web);
    }
}
